VYPR

CWE-416

Use After Free

Variant | Stable | Likelihood: High

Description

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (2,306)

  • CVE-2018-20997 | Aug 26, 2019
    risk 0.00 | cvss | epss 0.02

    An issue was discovered in the openssl crate before 0.10.9 for Rust. A use-after-free occurs in CMS Signing.

  • CVE-2019-15552 | Aug 26, 2019
    risk 0.00 | cvss | epss 0.02

    An issue was discovered in the libflate crate before 0.1.25 for Rust. MultiDecoder::read has a use-after-free, leading to arbitrary code execution.

  • CVE-2019-7560 | Feb 7, 2019
    risk 0.00 | cvss | epss 0.01

    In parser/btorsmt2.c in Boolector 3.0.0, opening a specially crafted input file leads to a use after free in get_failed_assumptions or btor_delete.

  • CVE-2018-14619 | High | Aug 30, 2018
    risk 0.00 | cvss 7.8 | epss 0.00

    A flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4. The "null skcipher" was being dropped when each af_alg_ctx was freed instead of when the aead_tfm was freed. This can cause the null skcipher to be freed while it is still in use leading…

  • CVE-2018-10902 | High | Aug 21, 2018
    risk 0.00 | cvss 7.8 | epss 0.01

    It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local…

  • CVE-2018-10879 | Medium | Jul 26, 2018
    risk 0.00 | cvss 4.2 | epss 0.01

    A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.

  • CVE-2018-10876 | Medium | Jul 26, 2018
    risk 0.00 | cvss 5.0 | epss 0.01

    A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4_ext_remove_space() function when mounting and operating a crafted ext4 image.

  • CVE-2018-1999013 | Medium | Jul 23, 2018
    risk 0.00 | cvss 6.5 | epss 0.02

    FFmpeg before commit a7e032a277452366771951e29fd0bf2bd5c029f0 contains a use-after-free vulnerability in the realmedia demuxer that can result in vulnerability allows attacker to read heap memory. This attack appear to be exploitable via specially crafted RM file has to be…

  • CVE-2018-5873 | High | Jul 6, 2018
    risk 0.00 | cvss 7.0 | epss 0.01

    An issue was discovered in the __ns_get_path function in fs/nsfs.c in the Linux kernel before 4.11. Due to a race condition when accessing files, a Use After Free condition can occur. This also affects all Android releases from CAF using the Linux kernel (Android for MSM,…

  • CVE-2018-12320 | High | Jun 13, 2018
    risk 0.00 | cvss 7.8 | epss 0.01

    There is a use after free in radare2 2.6.0 in r_anal_bb_free() in libr/anal/bb.c via a crafted Java binary file.

  • CVE-2018-0946 | High | May 9, 2018
    risk 0.00 | cvss 7.5 | epss 0.52

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945,…

  • CVE-2018-10675 | High | May 2, 2018
    risk 0.00 | cvss 7.8 | epss 0.00

    The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.

  • CVE-2018-10199 | Critical | Apr 18, 2018
    risk 0.00 | cvss 9.8 | epss 0.02

    In versions of mruby up to and including 1.4.0, a use-after-free vulnerability exists in src/io.c::File#initilialize_copy(). An attacker that can cause Ruby code to be run can possibly use this to execute arbitrary code.

  • CVE-2017-18234 | High | Mar 15, 2018
    risk 0.00 | cvss 7.8 | epss 0.02

    An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service (invalid memcpy with resultant use-after-free) or possibly have unspecified other impact via a .pdf file containing JPEG data, related to…

  • CVE-2017-18218 | High | Mar 5, 2018
    risk 0.00 | cvss 7.8 | epss 0.00

    In drivers/net/ethernet/hisilicon/hns/hns_enet.c in the Linux kernel before 4.13, local users can cause a denial of service (use-after-free and BUG) or possibly have unspecified other impact by leveraging differences in skb handling between hns_nic_net_xmit_hw and…

  • CVE-2017-18202 | High | Feb 27, 2018
    risk 0.00 | cvss 7.0 | epss 0.00

    The __oom_reap_task_mm function in mm/oom_kill.c in the Linux kernel before 4.14.4 mishandles gather operations, which allows attackers to cause a denial of service (TLB entry leak or use-after-free) or possibly have unspecified other impact by triggering a copy_to_user call…

  • CVE-2017-15126 | High | Jan 14, 2018
    risk 0.00 | cvss 8.1 | epss 0.04

    A use-after-free flaw was found in fs/userfaultfd.c in the Linux kernel before 4.13.6. The issue is related to the handling of fork failure when dealing with event messages. Failure to fork correctly can lead to a situation where a fork event will be removed from an already…

  • CVE-2018-5344 | High | Jan 12, 2018
    risk 0.00 | cvss 7.8 | epss 0.00

    In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact.

  • CVE-2015-6126 | Dec 9, 2015
    risk 0.00 | cvss | epss 0.02

    Race condition in the Pragmatic General Multicast (PGM) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511…

  • CVE-2015-7312 | Nov 16, 2015
    risk 0.00 | cvss | epss 0.00

    Multiple race conditions in the Advanced Union Filesystem (aufs) aufs3-mmap.patch and aufs4-mmap.patch patches for the Linux kernel 3.x and 4.x allow local users to cause a denial of service (use-after-free and BUG) or possibly gain privileges via a (1) madvise or (2) msync…